|Category:||Debian Local Security Checks|
|Title:||Debian: Security Advisory for lilypond (DSA-4756-1)|
|Summary:||The remote host is missing an update for the 'lilypond'; package(s) announced via the DSA-4756-1 advisory.|
The remote host is missing an update for the 'lilypond'
package(s) announced via the DSA-4756-1 advisory.
Faidon Liambotis discovered that Lilypond, a program for typesetting
sheet music, did not restrict the inclusion of Postscript and SVG
commands when operating in safe mode, which could result in the
execution of arbitrary code when rendering a typesheet file with
embedded Postscript code.
'lilypond' package(s) on Debian Linux.
For the stable distribution (buster), this problem has been fixed in
We recommend that you upgrade your lilypond packages.
Common Vulnerability Exposure (CVE) ID: CVE-2020-17353|
|Copyright||Copyright (C) 2020 Greenbone Networks GmbH|
|This is only one of 85075 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.